<?php 
require_once('database.php');
$link=connectDB();
$tbl_name='login'; // Table name

// username and password sent from form
$username=$_POST['username'];
$pass1=$_POST['pass1'];
$pass2=$_POST['pass2'];

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$pass1 = stripslashes($pass1);
$pass2 = stripslashes($pass2);
$username = mysql_real_escape_string($username);
$pass1 = mysql_real_escape_string($pass1);
$pass2 = mysql_real_escape_string($pass2);
if($pass1 == $pass2 && $pass1 != "" && $pass2 != "" && $username != "") {
	$sql="INSERT INTO $tbl_name(name, pass) VALUES ('$username', '$pass1');";
	$result=mysql_query($sql, $link);
	header('Location: login.php');
	exit;
}else {
	header('Location: register.php');
}
?>